home

RunExeActiveX.ocx

RunExeActiveX

Gateway, Inc.

Publisher:
Gateway Inc.  (signed by Gateway, Inc.)

Product:
RunExeActiveX

Version:
1.00.0007

MD5:
60f4f01c4eb0990e0c657cdbcb1df4e1

SHA-1:
26882b1470bdfa2b671aa3658def64f510618c10

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/29/2024 3:55:23 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/VBTrojan.Downloader.1D
v6.4.6.5.141

K7 AntiVirus
Trojan
13.152.7632

Trend Micro House Call
TROJ_GEN.R47FFH3
7.2.280

File size:
34.2 KB (34,976 bytes)

Product version:
1.00.0007

Original file name:
RunExeActiveX.ocx

File type:
OLE control extension (Win32 OCX)

Language:
English (United States)

Digital Signature
Signed by:
Gateway, Inc.

Authority:
VeriSign, Inc.

Valid from:
6/19/2001 8:00:00 PM

Valid to:
7/12/2002 7:59:59 PM

Subject:
OU=Information Solutions, CN="Gateway, Inc.", L=N. Sioux City, S=SD, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU="www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)98", OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Issuer:
OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Serial number:
5DA7F9D7C3D4A98AF4693BB4E53FA723

Registration
CLSID:
{739E8D90-2F4C-43AD-A1B8-66C356FCEA35}

ProgID:
RunExeActiveX.RunExe

COM registered:
Yes

File PE Metadata
Compilation timestamp:
8/24/2001 2:47:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:zM805x0pEETcnkPafJjFXy9SvJdheHpLG++bM:g3nLJjFXysvb/vbM

Entry address:
0x130C

Entry point:
5A, 68, 90, 4A, 00, 11, 68, 94, 4A, 00, 11, 52, E9, E7, FF, FF, FF, 00, 00, 00, 58, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 40, 00, 00, 00, C5, 43, C9, 3C, 99, 3C, D4, 11, 81, 35, 00, 50, 04, 1A, 51, 44, 00, 00, 00, 00, 02, 00, 1D, 00, 00, 00, 30, 00, 2E, 00, 30, 00, 52, 75, 6E, 45, 78, 65, 41, 63, 74, 69, 76, 65, 58, 00, 49, 00, 52, 75, 6E, 45, 78, 65, 41, 63, 74, 69, 76, 65, 58, 00, 4E, 00, 00, 00, 6D, 00, 65, 00, 00, 00, 00, 00, 00, 00, A0, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
3.8350

Developed / compiled with:
Microsoft Visual Basic v6.0

Code size:
12 KB (12,288 bytes)

ActiveX Install
Name:
{739E8D90-2F4C-43AD-A1B8-66C356FCEA35}


Scan RunExeActiveX.ocx - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.